The correct answer is A. SLOs (service-level objectives) are measurable targets used to determine whether a service provider is meeting expected performance requirements. When incident response is outsourced, the organization needs SLOs to measure third-party performance against KPIs such as response time, remediation time, reporting timeliness, and service effectiveness.
The Secbay CySA+ guide states that SLOs are “specific, measurable targets” for the performance and reliability of a service or process. It also explains that SLO reporting includes achievement summaries, trend analysis, and deviations from expected performance.
The official CySA+ objectives include SLOs under metrics and KPIs, and incident response reporting includes metrics such as mean time to detect, mean time to respond, mean time to remediate, and alert volume. The Sybex CySA+ Study Guide also states that SLOs define metrics such as time to remediate or patch and are often part of vendor or service agreements.
Why the other options are incorrect:
B is incorrect because SLOs are not primarily for finding hidden costs.
C is incorrect because SLOs do not calculate a risk score.
D is incorrect because risk appetite belongs to governance and risk management, not SLO measurement.